I'm debugging an issue where I think my server is spamming other servers because it is infected, but all my logs stop in August last year, and rsyslog is missing from the system /etc/rsyslog.d still ...

As I understand, Linux kernel logs to /proc/kmsg file (mostly hardware-related messages) and /dev/log socket? Anywhere else? Are other applications also able to send messages to /proc/kmsg or /dev/log? ...

I'm new to remote logging with rsyslog and having looked through this page, I am unclear what each of the "locals" are used for. (EDIT - this SF question revealed a little more info)
I initially set ...

My goal is to log apt/dpkg activity using syslog (rsyslog), so that log entries are sent to central syslog server.
dpkg writes to /var/log/dpkg.log, apt writes to /var/log/apt directory.
I did some ...

So I'm making a research honeypot. The host is Ubuntu 14.04. I want to store all of the logs from the honeypot SSH to the Ubuntu host so the data is not lost.
Does anyone know anything about this?
I ...

I want to ensure that the logs written, have the correct timestamp. So, when ntpd completes the sync (ntpq -c rv displays sync_ntp), I want to restart rsyslogd. But I am not finding any hooks/config ...

I am simply trying to set up a remote logging system. I think my setup is correct but it fails and I can't get any messages from rsyslog to show up in the logs, so I can't find out why. My iptables ...

I once wanted rsyslogd (5.8.11) on a Debian 7 container (under OpenVZ) to also receive logs from remote hosts. In that, it works. What no longer works is log messages from the local host. For instance ...

I asked this over in AskUbuntu but have had no luck with an answer. I am doing experiments with different logging systems. At the moment I am trying to install rsyslog from source so I can make some ...

I've been trying to get KERN_DEBUG messages logged to a file in CentOS 7, but have had no luck. I can get them just fine from "dmesg," but not /var/log/messages or /var/log/dmesg.
Here's a MWE kernel ...

Hi, I'm trying to filter USB messages, specifically of new connections. All of my clients are configured to send to a central server their 'kern.*' log.
Problem is I'm getting too much "junk" logs and ...

I am seeing "debug3: Received SSH2_MSG_IGNORE" appear in the terminal on a RHEL 6 Linux server. I thought maybe rsyslog had a console entry, but it doesn't. sshd_config has logging at AUTHPRIV, and ...

By default in RHEL 6, SSH server logs are sent to /var/log/secure. I want to change this location to a custom one. Is it possible to do that?
I have tried modifying the rsyslog.conf file, but it does ...